redline | 880-55-0x0000000000400000-0x0000000000432000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

880-55-0x0...ry.exe

windows7-x64

880-55-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

personallive7 redline

1 signatures

Behavioral task

behavioral1

Sample

880-55-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

880-55-0x0000000000400000-0x0000000000432000-memory.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

880-55-0x0000000000400000-0x0000000000432000-memory.dmp
Size

200KB
MD5

ed4d73815bbb064dfdd9745375573aea
SHA1

cfaad8403e4b85a33988fa97e04ec58e0989b0d1
SHA256

0130e1ccf3defdc8bfbb6154c2af944f6c0fc29fdabd1c066771632d8fa7a608
SHA512

ebf24c0c9f33a9fd6ab8ff319d06824b96f54a20fe934a98c6d152f2750f64e4f8a86bb10d5de3be479b1ed9a210cf7835ddd3a4fcca02baede0abb76e43f927
SSDEEP

3072:txqZWR5a+ki/nCpeUyUwze6e9xh/rxNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jf:3qZiCpeTnwxh

Score

10^/10

personallive7 redline

Malware Config

Extracted

Family

redline

Botnet

personallive7

C2

176.123.9.142:14845

Attributes

auth_value
d2003b237c9a921cee44c3f72fdd2cd4

Signatures

Redline family
redline

Files

880-55-0x0000000000400000-0x0000000000432000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy